fsek · henrikssn · Mar 26, 2015 · Mar 19, 2015 · Mar 19, 2015 · Mar 19, 2015
diff --git a/Gemfile b/Gemfile
@@ -2,6 +2,8 @@ source 'https://rubygems.org'
 
 gem 'rails', '~> 4.2.0'
 
+gem 'cancancan'
+
 # Capistrano stuff
 gem 'capistrano', '~> 3.1.0'
 gem 'capistrano-bundler', '~> 1.1.2'
@@ -15,6 +17,7 @@ gem 'devise'
 gem 'fancybox2-rails'
 gem 'font-awesome-rails'
 gem 'fullcalendar-rails'
+gem 'haml'
 gem 'icalendar'
 gem 'jbuilder'
 gem 'jquery-rails'
@@ -27,8 +30,6 @@ gem 'prawn-rails'
 gem 'responders', '~> 2.0'
 gem 'sass-rails'
 gem 'sqlite3'
-gem 'the_role_bootstrap3_ui'
-gem 'the_role', github: 'TheRole/TheRoleApi', tag: 'v2.6'
 gem 'turbolinks'
 gem 'uglifier'
 gem 'wice_grid'
@@ -42,10 +43,11 @@ group :development, :test do
   gem 'factory_girl_rails'
   gem 'mailcatcher'
   gem 'poltergeist'
-  gem 'pry-byebug', '2.0.0'
-  gem 'pry-rails'
   gem 'rspec-rails'
   gem 'web-console', '~> 2.0'
+  gem 'pry-rails'
+  gem 'pry-byebug'
+  gem 'better_errors'
 end
 
 group :test do

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,13 +1,3 @@
-GIT
-  remote: git://github.com/TheRole/TheRoleApi.git
-  revision: 3f2a247bd922e3280ae0233b8ea439a6e5e79ca4
-  tag: v2.6
-  specs:
-    the_role (2.6)
-      multi_json
-      rails (>= 3, < 5)
-      the_string_to_slug (~> 1.2)
-
 GEM
   remote: https://rubygems.org/
   specs:
@@ -48,13 +38,16 @@ GEM
       tzinfo (~> 1.1)
     arel (6.0.0)
     bcrypt (3.1.10)
+    better_errors (2.1.1)
+      coderay (>= 1.0.0)
+      erubis (>= 2.6.6)
+      rack (>= 0.9.0)
     binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
     builder (3.2.2)
-    byebug (3.5.1)
-      columnize (~> 0.8)
-      debugger-linecache (~> 1.2)
-      slop (~> 3.6)
+    byebug (4.0.3)
+      columnize (= 0.9.0)
+    cancancan (1.10.1)
     capistrano (3.1.0)
       i18n
       rake (>= 10.0.0)
@@ -91,10 +84,9 @@ GEM
     coffee-script-source (1.8.0)
     colorize (0.7.5)
     columnize (0.9.0)
-    daemons (1.2.1)
+    daemons (1.2.2)
     database_cleaner (1.4.1)
     debug_inspector (0.0.2)
-    debugger-linecache (1.2.0)
     devise (3.4.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
@@ -192,8 +184,8 @@ GEM
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
       slop (~> 3.4)
-    pry-byebug (2.0.0)
-      byebug (~> 3.4)
+    pry-byebug (3.1.0)
+      byebug (~> 4.0)
       pry (~> 0.10)
     pry-rails (0.3.3)
       pry (>= 0.9.10)
@@ -221,9 +213,6 @@ GEM
       rails-deprecated_sanitizer (>= 1.0.1)
     rails-html-sanitizer (1.0.2)
       loofah (~> 2.0)
-    rails-i18n (4.0.4)
-      i18n (~> 0.6)
-      railties (~> 4.0)
     railties (4.2.1)
       actionpack (= 4.2.1)
       activesupport (= 4.2.1)
@@ -264,10 +253,10 @@ GEM
       multi_json (~> 1.0)
       simplecov-html (~> 0.9.0)
     simplecov-html (0.9.0)
-    sinatra (1.4.5)
+    sinatra (1.4.6)
       rack (~> 1.4)
       rack-protection (~> 1.4)
-      tilt (~> 1.3, >= 1.3.4)
+      tilt (>= 1.3, < 3)
     skinny (0.2.3)
       eventmachine (~> 1.0.0)
       thin (~> 1.5.0)
@@ -286,11 +275,6 @@ GEM
       colorize (>= 0.7.0)
       net-scp (>= 1.1.2)
       net-ssh (>= 2.8.0)
-    the_role_bootstrap3_ui (1.1)
-      haml
-      rails (>= 3, < 5)
-    the_string_to_slug (1.2)
-      rails-i18n (~> 4.0.0.pre)
     therubyracer (0.12.1)
       libv8 (~> 3.16.14.0)
       ref
@@ -329,6 +313,8 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
+  better_errors
+  cancancan
   capistrano (~> 3.1.0)
   capistrano-bundler (~> 1.1.2)
   capistrano-rails (~> 1.1.1)
@@ -343,6 +329,7 @@ DEPENDENCIES
   fancybox2-rails
   font-awesome-rails
   fullcalendar-rails
+  haml
   icalendar
   jbuilder
   jquery-rails
@@ -354,16 +341,14 @@ DEPENDENCIES
   paperclip
   poltergeist
   prawn-rails
-  pry-byebug (= 2.0.0)
+  pry-byebug
   pry-rails
   rails (~> 4.2.0)
   responders (~> 2.0)
   rspec-rails
   sass-rails
   shoulda-matchers
   sqlite3
-  the_role!
-  the_role_bootstrap3_ui
   therubyracer
   turbolinks
   uglifier

diff --git a/app/assets/javascripts/application.js.erb → app/assets/javascripts/application.js b/app/assets/javascripts/application.js.erb → app/assets/javascripts/application.js
@@ -15,7 +15,6 @@
 //= require jquery_ujs
 //= require bootstrap
 //= require_self
-//= require the_role_editinplace
 //= require jquery-ui/datepicker
 //= require moment
 //= require fullcalendar

diff --git a/app/controllers/admin/elections_controller.rb b/app/controllers/admin/elections_controller.rb
@@ -1,7 +1,7 @@
 # encoding: UTF-8
 class Admin::ElectionsController < ApplicationController
-  before_action :login_required
-  before_action :authenticate
+  load_permissions_and_authorize_resource
+
   before_action :set_election, only: [:show,:edit,:update,:destroy,:candidates,:nominations]
 
   def new
@@ -59,7 +59,7 @@ def candidates
   end
   private
   def authenticate
-    flash[:error] = t('the_role.access_denied')
+
     redirect_to(:back) unless (current_user) && (current_user.moderator?(:val))
   rescue ActionController::RedirectBackError
     redirect_to root_path

diff --git a/app/controllers/admin/rents_controller.rb b/app/controllers/admin/rents_controller.rb
@@ -1,6 +1,5 @@
 class Admin::RentsController < ApplicationController
-  before_action :login_required
-  before_action :authenticate
+  load_permissions_and_authorize_resource
   before_action :set_rent, only: [:show, :update, :destroy, :preview]
   before_action :set_councils, only: [:new, :show]
 

diff --git a/app/controllers/albums_controller.rb b/app/controllers/albums_controller.rb
@@ -1,8 +1,6 @@
 # encoding:UTF-8
 class AlbumsController < ApplicationController
-
-  before_filter :login_required  
-  before_filter :authenticate, only: [:new, :create,:edit,:destroy,:update,:settings,:destroy_images]
+  load_permissions_and_authorize_resource
   before_action :set_edit
   before_action :set_album, except: [:index,:new,:create,:settings]
   before_action :categories
@@ -187,7 +185,7 @@ def update
   end  
 private
   def authenticate
-    flash[:error] = t('the_role.access_denied')
+
     redirect_to(:back) unless (current_user) && (current_user.moderator?(:galleri))
 
     rescue ActionController::RedirectBackError
@@ -213,4 +211,4 @@ def image_params
   def album_params
     params.fetch(:album,{}).permit(:title,:description,:author,:location,:public,:start_date,:end_date,:album_category_ids => [],:subcategory_ids => [],images_parameters: [:id, :foto])
   end
-end
+end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -1,19 +1,20 @@
 # encoding:UTF-8
 class ApplicationController < ActionController::Base
-  include TheRole::Controller
   protect_from_forgery
 
   before_filter :configure_permitted_devise_parameters, if: :devise_controller?
   before_filter :set_locale
 
-  def access_denied
-    flash[:error] = t('the_role.access_denied')
-    redirect_to(:back)
+  rescue_from CanCan::AccessDenied do |ex|
+    flash[:error] = ex.message
+    render text: '', layout: true, status: :forbidden
   end
 
-  rescue_from ActionController::RedirectBackError do
-    redirect_to root_path
-  end 
+  rescue_from ActiveRecord::RecordInvalid do |ex|
+    flash[:error] =
+      "Fel i formulär:  #{ex.record.errors.full_messages.join '; '}"
+    render referring_action, status: :unprocessable_entity
+  end
 
   rescue_from ActiveRecord::RecordNotFound do
     # translate record not found -> HTTP 404
@@ -23,24 +24,51 @@ def access_denied
   protected
 
   def configure_permitted_devise_parameters
-    devise_parameter_sanitizer.for(:sign_in) {|u| u.permit(:username, :password, :remember_me)}
-    devise_parameter_sanitizer.for(:sign_up) {|u| u.permit(:username, :email, :password, :password_confirmation) }
+    devise_parameter_sanitizer.for(:sign_in) { |u| u.permit(:username, :password, :remember_me) }
+    devise_parameter_sanitizer.for(:sign_up) { |u| u.permit(:username, :email, :password, :password_confirmation) }
     devise_parameter_sanitizer.for(:account_update) { |u| u.permit(:password, :password_confirmation, :current_password) }
   end
 
+  def self.permission
+    name.gsub('Controller', '').singularize.split('::').last.constantize.name rescue nil
+  end
+
+  def current_ability
+    @current_ability ||= Ability.new(current_user)
+  end
+
+  # load the permissions for the current user so that UI can be manipulated
+  def load_permissions
+    return unless current_user
+    @current_permissions = current_user.profile.posts.each do |post|
+      post.permissions.map { |i| [i.subject_class, i.action] }
+    end
+  end
+
+  # Enables authentication and
+  def self.load_permissions_and_authorize_resource(*args)
+    load_and_authorize_resource(*args)
+    before_filter(:load_permissions, *args)
+  end
+
+  def self.skip_authorization(*args)
+    skip_authorization_check(*args)
+    skip_before_filter(:load_permissions, *args)
+  end
+
   def set_locale
     locale = 'sv'
-    langs  = %w{ sv en }
+    langs = %w{ sv en }
 
     if params[:locale]
       lang = params[:locale]
       if langs.include? lang
-        locale           = lang
+        locale = lang
         cookies[:locale] = lang
       end
     else
       if cookies[:locale]
-        lang   = cookies[:locale]
+        lang = cookies[:locale]
         locale = lang if langs.include? lang
       end
     end
@@ -49,8 +77,7 @@ def set_locale
     redirect_to(:back) if params[:locale]
   end
 
-  def verify_admin
-    flash[:error] = t('the_role.access_denied')
-    redirect_to(:root) unless (current_user) && (current_user.admin?)
+  def referring_action
+    Rails.application.routes.recognize_path(request.referer)[:action]
   end
 end
diff --git a/app/controllers/constants_controller.rb b/app/controllers/constants_controller.rb
@@ -1,16 +1,14 @@
 class ConstantsController < ApplicationController
-  before_action :login_required
-  before_action :verify_admin
+  load_permissions_and_authorize_resource
+
   before_action :set_constant, only: [:show, :edit, :update, :destroy]
 
   # GET /constants
-  # GET /constants.json
   def index
     @constants = Constant.all
   end
 
   # GET /constants/1
-  # GET /constants/1.json
   def show
   end
 
@@ -24,43 +22,28 @@ def edit
   end
 
   # POST /constants
-  # POST /constants.json
   def create
     @constant = Constant.new(constant_params)
-
-    respond_to do |format|
-      if @constant.save
-        format.html { redirect_to @constant, notice: 'Constant was successfully created.' }
-        format.json { render action: 'show', status: :created, location: @constant }
-      else
-        format.html { render action: 'new' }
-        format.json { render json: @constant.errors, status: :unprocessable_entity }
-      end
+    if @constant.save
+      redirect_to @constant, notice: 'Constant was successfully created.'
+    else
+      render action: 'new'
     end
   end
 
   # PATCH/PUT /constants/1
-  # PATCH/PUT /constants/1.json
   def update
-    respond_to do |format|
-      if @constant.update(constant_params)
-        format.html { redirect_to @constant, notice: 'Constant was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: 'edit' }
-        format.json { render json: @constant.errors, status: :unprocessable_entity }
-      end
+    if @constant.update(constant_params)
+      redirect_to @constant, notice: 'Constant was successfully updated.'
+    else
+      render action: 'edit'
     end
   end
 
   # DELETE /constants/1
-  # DELETE /constants/1.json
   def destroy
     @constant.destroy
-    respond_to do |format|
-      format.html { redirect_to constants_url }
-      format.json { head :no_content }
-    end
+    redirect_to constants_url
   end
 
   private